Don't Become the Next Headline: API Security for Security Executives

Wednesday, October 30

8:30 AM - 9:30 AM

Location: Northern D+DE Corridor

Speaker(s)

Andrew Whelchel

Principal Solutions Engineer, CISSP-ISSAP
Okta

APIs are part of the life and future for an enterprise. This introduces new risk that rightfully keeps many security executives up at night, particularly with the number of API breaches occurring over the past year. For the security executive, mitigating the risk of APIs is not just about firewalls but about needing to control data authorization and enforce existing identity polices to identify and validate users/entities levering APIs.

These session presents a simple approach to managing the risk of API data access. We'll walk the security executive along an easily followed path for secure APIs for their organization. We'll also outline steps on how to build a security program for APIs within their organization.

Learning Objectives:

Learn risk management quantification for APIs in the enterprise.
Develop API security program management capabilities to manage the API risk.
Learn communication methods to communicate security risk and mitigation using API security to boards and executive management teams.